DEFINITIONS (ACCORDING TO GDPR)
To meet the requirement of providing a data protection declaration that is easy to understand and read, we use the general terms of the GDPR, which are defined below using the wording of the GDPR:
Personal data is all information which relates to an identified or identifiable natural person (also “data subject”); a natural person is deemed to be identifiable if he can be identified directly or indirectly, in particular by the allocation of an identifier such as a name, an identification number, location data, an online identifier or one or more distinctive features which are an expression of the physical, physiological, genetic, psychic, economic, cultural or social identify of this natural person.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing is the marking of stored personal data with the aim of limiting its processing in the future.
Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data cannot attributed to an identified or identifiable natural person.
Controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of this data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
NAME AND ADDRESS OF THE CONTROLLER OF THE PROCESSING
SAERTEX GmbH & Co. KG
Management Board: Bruno Lammers (Managing Director), Christoph Geyer, Dietmar Möcke
Brochterbecker Damm 52
DATA PROTECTION OFFICER
You can contact our Data Protection Officer regarding any matters relating to data protection.
Cortina Consult GmbH
Tel.: (02 51) 20 80 16 28
If you have any questions concerning the processing of your personal data, if you want to exercise your data subject rights (e.g. right to information, correction, block or deletion of data) or if you want to withdraw any consent you have given, please contact our Data Protection Officer direct.
These cookies may contain a so-called cookie ID, a clear identifier, consisting of a character string which enables websites and servers to be allocated to the storing browser.
At the same time we obtain via these cookies information which enables us to optimise our websites to the needs of our visitors. We use some cookies only for the duration of your visit to our website. All of the cookies on our website contain purely technical information, they do not contain any personal data.
Our website can be used without cookies (although you may not have full use of the functions). Most browsers are set so that they accept cookies automatically. You can, though, deactivate the storage of cookies or set your browser so that it sends you a message as soon as cookies are sent.
RECORDING OF GENERAL DATA AND INFORMATION
As soon as you visit our website, some general data and technical information are collected by our web server – as shown by the table below:
Your data will not be disclosed to third parties.
INFORMATION ABOUT DATA SECURITY
We protect our website and other systems with technical and organisational measures against the loss, deletion, access to, changing or distribution of your data by unauthorised persons. We have also implemented SSL encryption (SHA256) on our website to protect your data. However, despite regular controls, it is not possible to provide full protection against all risks.
LEGAL BASIS OF PROCESSING
We process personal data in accordance with the requirements of the GDPR, depending on the nature and purpose of the processing as follows:
Statutory authorisation / Requirement of the GDPR
Informed consent / Art. 6 Para. 1 a
Performance of a contract / Art. 6 Para. 1 b
Implementation of measures prior to entering into a contract / Art. 6 Para. 1 b
Compliance with legal obligations / Art. 6 Para. 1 c
Protect vital interests / Art. 6 Para. 1 d
Protect our legitimate interest / Art. 6 Para. 1 f
OUR LEGITIMATE INTEREST
Our legitimate interest defined pursuant to Article 6 Para. 1 f GDPR is based on the performance of our business activities to maintain our operating capability and safeguard the employment of our staff.
If the purpose for which the data is stored no longer exists, it will be stored for the respective statutory retention period. After this retention period has expired, we delete the data if it is no longer required for the performance of the contract or the contract initiation process.
OBLIGATION TO PROVIDE PERSONAL DATA
Under certain conditions (e.g. due to statutory requirements or contract provisions) you will have an obligation to provide us with your personal data. Examples of such processing are as follows:
Nature and purpose of the processing / Necessary
Conclusion of a purchase contract (e.g. your address) / Performance of the contractual obligation (e.g. delivery of the goods to your address)
In the employment context (e.g. transmission of data to the Tax Office) / Compliance with statutory requirements (e.g. tax regulations)
The consequence of non-compliance (i.e. the necessary data is not provided) for you would be that the respective data processing could not take place and therefore the corresponding contract could not be concluded with you. We will, upon request and on a case-by-case basis, explain to you whether the data needs to be provided for statutory or contractual reasons or for the conclusion of the contract and what the consequences of refusal would be for you.
EXISTENCE OF AUTOMATED DECISION-MAKING
We have no automated decision-making processes and do not use any technology to implement profiling measures.
We use several Facebook integrations on our entire website; Facebook is a so-called social network in which users who have a registered personal profile contact each other, communicate through different channels and can share information (texts, videos, pictures) from themselves and others with each other.
The controller for Facebook within the meaning of the GDPR is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Every time you visit our website, Facebook registers this with the downloaded installed components (Facebook plugin, Facebook pixel). If you are a registered Facebook user and are permanently logged into your personal profile, Facebook also recognises what sites you visit. Facebook collects this information and automatically assigns it to your user profile. In addition, every interaction by you with the integrations installed on our website are similarly registered by Facebook and assigned to your profile. If you do not agree with this assignment of your data, please log out of your Facebook account before you visit our website. You can opt out of the general collection of your data by Facebook pixel on our website by clicking on the opt-out button below.
Click on the following link for an overview of the plugins offered by Facebook: https://developers.facebook.com/docs/plugins/?locale=en_gb; Facebook also informs in its data policy, which can be accessed via the following link, about the processing of personal data: https://de-de.facebook.com/about/privacy.
On the website you will also find various settings options to increase or ensure the protection of your privacy.
We use a Xing integration on our entire website; Xing is a so-called social network in which users who have a registered personal business profile contact each other, communicate through different channels and can share information (texts, events, pictures) from themselves and others with each other.
The controller for Xing within the meaning of the GDPR is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
Every time you visit our website, Xing registers this with the downloaded installed components (Xing plugin). If you are a registered Xing user and are permanently logged into your personal business profile, Xing also recognises what sites you visit. Xing collects this information and automatically assigns it to your user profile. In addition, every interaction by you with the integrations installed on our website are similarly registered by Xing and assigned to your profile. If you do not agree with this assignment of your data, please log out of your Xing account before you visit our website.
We use a YouTube integration on our entire website; YouTube is an online video portal which enables the publication, viewing, assessment of and commenting on all kinds of footage published.
The controller for YouTube within the meaning of the GDPR is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, represented by Sundar Pichai (Chief Executive Officer).
Every time you visit our website, YouTube and Google register this with the downloaded installed components (YouTube plugin or video). If you are a registered YouTube or Google user and are permanently logged into your personal profile, YouTube and Google also recognise what sites you visit. YouTube and Google collect this information and automatically assign it to your user profile. In addition, every interaction by you with the integrations installed on our website are similarly registered by YouTube and Google and assigned to your respective profile. If you do not agree with this assignment of your data, please log out of your YouTube or Google account before you visit our website.
We use a Twitter component on our entire website; Twitter is a so-called microblogging service in which users who have a registered personal profile can publish short messages, so-called Tweets. These Tweets are public – and can therefore also be seen by non-registered persons. Any Tweet channel can be subscribed to by any registered user, so-called followers. Twitter uses links, Retweets (the forwarding of messages of other users) and the now widespread hashtags (#) to reach as wide an audience as possible with their content.
The controller for Twitter within the meaning of the GDPR is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.
We use a LinkedIn integration on our entire website; LinkedIn is a so-called social network in which users who have a registered personal business profile contact each other, communicate through different channels and can share information (texts, events, pictures) from themselves and others with each other.
The controller for LinkedIn within the meaning of the GDPR is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
Every time you visit our website, LinkedIn registers this with the downloaded installed components (LinkedIn plugin). If you are a registered LinkedIn user and are permanently logged into your personal business profile, LinkedIn also recognises what sites you visit. LinkedIn collects this information and automatically assigns it to your user profile. In addition, every interaction by you with the integrations installed on our website are similarly registered by LinkedIn and assigned to your profile. If you do not agree with this assignment of your data, please log out of your LinkedIn account before you visit our website.
Click on the following link for an overview of the plugins offered by LinkedIn: https://developer.linkedin.com/plugins. By clicking on the following link, you can also deactivate e-mail and SMS messages and targeted advertising by LinkedIn: https://www.linkedin.com/psettings/guest-controls.
GOOGLE ANALYTICS (WITH ANONYMISATION FUNCTION)
We have integrated Google Analytics on our website; this is a web analysis services which collects personal data for the analysis of the behaviour of website visitors. With this service, Google records among other things the site you that referred you to our website, what subpages you visit or how often or how long you view a certain page. This data is collected, though, without a direct link to your person; your IP address is also (if you visit our website from a member state of the EU or the EEA) only processed anonymously with the help of the script provided by Google ("_anonymizeIP( )“). We use Google Analytics only for the purpose of optimising our website from a cost-benefit viewpoint.
The controller for Google Analytics within the meaning of the GDPR is Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.
In order to conduct the web analysis, Google places a so-called cookie (see also the section on “Cookies”) on your PC, which controls the processing of the respective data for the web analysis and its transfer to Google. Personal data such as the access time, the place from which the site is accessed and the frequency of visit is collected and stored by the cookie. You can prevent cookies from being placed on your computer by Google by following the procedure described in the section on “Cookies”. You can also deactivate the analysis by Google by installing a browser plugin provided by Google; you can download and install the relevant add-on at the following link: https://tools.google.com/dlpage/gaoptout. The opt-out transmitted by this plugin to Google only applies for the respective browser and only within the respective system upon which it was installed. If you visit our website from a mobile device (smartphone or tablet), instead of the plugin you can use the following link to turn off Google Analytics.
By clicking on the link, a so-called opt-out cookie will be placed in your browser which is only valid for this website and your browser, so long as you do not delete this cookie; in this case the link has to be clicked on again. Further information and Google’s applicable data protection terms can be found at https://www.google.de/intl/de/policies/privacy/ and at https://www.google.com/analytics/terms/gb.html.A detailed explanation of how Google Analytics works can be found at: https://www.google.com/intl/en_uk/analytics/#?modal_active=none.
As part of our service philosophy, we regularly send out interesting information and relevant news about our products, events and developments about our company. For the dispatch of the newsletter the indication of a valid E-Mail address is necessary (mandatory field). Further details serve the personalized address within the letter.
We send newsletters both within the scope of the legitimate interest pursuant to Art. 6 para. 1 (f) GDPR (taking into account recital 47, last sentence, under which direct advertising may constitute a legitimate interest) and on the basis of your informed consent, including double opt-in. During the double opt-in process, you will receive a confirmation e-mail immediately after registering for our newsletter in order to rule out possible misuse by third parties and unreasonable harassment as far as possible. The data collected for the newsletter will be used exclusively for the purpose of sending the newsletter; this data will not be passed on to third parties. You have the right to object to the use of your data for direct advertising purposes at any time with effect for the future; a unsubscribe link is included in every newsletter. Alternatively, you can also contact our data protection officer directly.
Our newsletters contain so-called counting pixels, which is a 1x1 pixel graphic that we integrate into our HTML-formatted e-mails. This graphic is downloaded from our web server, which registers the number of downloads. We use this technique for statistical purposes in order to measure the range and success of our newsletter campaigns and to adapt our content to your interests in the best possible way. This data is not passed on to third parties. You can object to the use of this technology at any time, e.g. by preventing the download of graphics from the Internet within your e-mail program or the receipt of HTML e-mails. When you unsubscribe from our newsletter, any data assigned to the respective e-mail address will be automatically deleted.
We use AddSearch on our website, an integrated plugin for the display of a search function for content within our website. The plugin allows you to search our entire website for specific keywords.
The responsible entity for AddSearch within the meaning of the GDPR is AddSearch Oy, PL 68, FI-00101 Helsinki, Finland, represented by Antti Ala-Ilkka (founder and CEO).
Every time you actively use this search function on our website, your browser may transmit personal data (such as your IP address) to Addsearch.